From the descriptions below, select the one statement that best describes how you meet the minimum qualifications for this position.
1. Are you a citizen of the United States of America?
2. Do you possess a Bachelor's degree from an accredited college or university in accounting, or information systems management, or in a related field that includes at least 24 semester hours in accounting or information systems management? (SUBMIT TRANSCRIPTS)
3. Do you have at least four (4) years of professional auditing experience to include specialized experience in analyzing, reviewing, and assessing information technology procedures and controls in topics such as: vulnerability assessments, general controls, computer security techniques, application control reviews, system development life cycle, operating system software, multi-platform hardware such as client-server or mainframes, network operations and testing, data integrity, disaster recovery, information systems acquisitions, etc.? NOTE: Two years of US Postal Service experience with information systems management may be substituted for two years of auditing experience.A. Yes
USPS OIG officials may not appoint any of their relatives or recommend them for appointment in the OIG. Any relative who is appointed in violation of this restriction cannot be paid. Thus it is necessary to have information about your relatives who are working for the USPS OIG. These include: mother, father, daughter, son, sister, brother, aunt, uncle, first cousin, niece, nephew, wife, husband, mother-in-law, father-in-law, daughter-in-law, son-in-law, sister-in-law, brother-in-law, stepfather, stepmother, stepdaughter, stepson, stepsister, stepbrother, half-sister, and half-brother.
4. Does the USPS Office of Inspector General employ any relative of yours by blood or marriage?
If you answer "Yes" to this question, provide the following information in the section provided for such relatives:
(1) Full name; (2) Present address and ZIP Code; (3) Relationship; (4) Position title; (5) Name and location of USPS OIG installation where employed.
From the descriptions below, select the one statement that best describes how you meet the desirable qualifications of certification and experience for this position. (YOUR RESUME MUST REFLECT WHERE, WHEN, AND HOW YOU GAINED THIS EXPERIENCE.)
5. Do you have an advanced degree in accounting or information systems management, or in a related field that includes at least 24 semester hours in accounting or information systems management, i.e. Masters, etc.?A. Yes
6. Do you have multi-disciplined experience in the auditing profession and information systems management industry?A. Yes
7. Do you have proficiency in management and use of manual and automated vulnerability assessment processes and tools?A. Yes
8. Do you have a Professional Certification, such as CPA, CIA, CRISC, CISA, CISSP, CISM, Lean Six Sigma, etc.? (SUBMIT COPY)A. Yes
9. Do you have extensive experience in planning, directing, and executing complex, multi-site (nationwide) performance/efficiency audits?A. Yes
KNOWLEDGE OF THE THEORIES, CONCEPTS, PRINCIPLES, AND PRACTICES OF INFORMATION SYSTEMS AUDIT EVALUATION SUFFICIENT TO CONDUCT DIFFICULT ASSIGNMENTS INVOLVING INTERFACES AND INTER-RELATIONSHIPS BETWEEN AND AMONG PROGRAMS, FUNCTIONS, POLICES AND VARIOUS ISSUES
Your resume MUST reflect that you have experience, knowledge, and/or skills in each of the following Evaluation Factors.
For each task in the following groups, choose the statement from the list A through E following each task that best describes your experience and/or training. Your resume must support your answers or your overall rating may be negatively impacted. Please select only one letter for each item.
10. Develop audit work that will add value to the agency to focus on areas that warrant audit attention
11. Proved recommendations to improve the ability to identify and track computing assets to address identified issues
12. Audit information systems to ensure integrity and effectiveness of security measures
13. Prepare risk analysis by testing policies, procedures, laws, regulations and internal controls, as well as internal interviews of system users
14. Report audit results, suggesting measures to improve security
15. Inspect and evaluate the organization's financial and information systems, management procedures and security controls to identify waste and fraud
16. Assess the effectiveness of computer systems, programs, and their information security components, to provide recommendations on improvements to make them more effective
SKILL IN ANALYZING, REVIEWING, AND ASSESSING INFORMATION TECHNOLOGY PROCEDURES AND CONTROLS IN TOPICS SUCH AS:TELECOMMUNICATIONS AND NETWORK SECURITY,GENERAL CONTROLS, COMPUTER SECURITY TECHNIQUES, APPLICATION CONTROL, SYSTEM DEVELOPMENT LIFE CYCLE, OPERATING SYSTEM SOFTWARE, MULTI-PLATFORM HARDWARE SUCH AS CLIENT-SERVER OR MAINFRAMES,NETWORK OPERATIONS AND TESTING,, DISASTER RECOVERY, ETC.
17. Assess overall security risks associated with identified vulnerabilities
18. Analyze raw data files and computer generated data using manual and automated techniques
19. Identify opportunities to improve ability to identify and track computing assets
20. Review company operation processes, evaluating the efficiency, effectiveness and compliance with corporate security policies and related government regulation
21. Issue recommendations on best practices to improve the security levels of the system
ABILITY TO EVALUATE COMPUTER SECURITY ASSOCIATED WITH VAROUS INFORMATION TECHNOLOGY ENVIRONMENTS, OPERATING SYSTEMS, HARDWARE, SOFTWARE COMPONENTS, SYSTEMS AND SUBSYSTEMS
22. Determine whether a computer system is safe enough to protect a company's assets and data integrity while allowing for the organizational goals to be attained through efficient use of IT resources
23. Assess and review current technology infrastructure to identify key risks areas, and ensure adequate level of control are in place to address those risks.
24. Address identified issues with Patch Management and software products that are not adequately maintained
25. Proficient in the management and use of manual and automated techniques for scanning, vulnerability, and penetration testing of networks, applications, operating systems, databases, and email systems to ensure the infrastructure supporting those systems are secure
26. Evaluate and recommend technological and architectural upgrades/modifications to the agency's Information Systems Security architecture
ABILITY TO COMMUNICATE EFFECTIVELY BOTH ORALLY AND IN WRITING
27. Conduct entrance interviews with auditees to explain the purpose of audit
28. Work in cooperation with others groups of an organization to ensure the security of all IT systems
29. Establish contacts to acquire or exchange information or facts needed to complete an assignment
30. Write information in a clear, concise, and well-organized manner
31. Present information to supervisor and peers explaining audit conclusions
Select the response below that best states your certification of the accuracy of responses and information provided.
32. Your responses to this questionnaire are subject to evaluation, and later steps in the selection process are specifically designed to verify the accuracy of your responses. Deliberate attempts to falsify information may be grounds for disqualifying you or for dismissing you from employment following acceptance. Please take this opportunity to review your responses to ensure they accurately represent your current level of experience and capability, and select the response below that best applies. Failure to certify accuracy below will disqualify you from further consideration for this position.